Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/KBXJI5UIPp4vp4myMJ9w08TgQzE.roa
File: KBXJI5UIPp4vp4myMJ9w08TgQzE.roa (raw, json)
Hash identifier: VW6V6eR6e2qlUAXPTaYVT5ykAM5c8BoyllEiXJtc7AA=
Subject key identifier: 28:15:C9:23:95:08:3E:9E:2F:A7:89:B2:30:9F:70:D3:C4:E0:43:31
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E148EB646E16A432A6B2A97BA1213
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/KBXJI5UIPp4vp4myMJ9w08TgQzE.roa
Signing time: Mon 01 Jan 2024 14:29:34 +0000
ROA not before: Mon 01 Jan 2024 14:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202375
IP address blocks: 89.45.209.0/24 maxlen: 24
89.42.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 08:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:14:8e:b6:46:e1:6a:43:2a:6b:2a:97:ba:12:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2815c92395083e9e2fa789b2309f70d3c4e04331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:47:ea:53:d6:3a:78:32:46:ab:96:d1:b6:7d:
02:ba:66:7e:2b:97:ab:4e:95:00:a1:a4:91:c8:57:
62:10:3e:18:6b:ad:bc:88:d9:35:94:a5:0d:aa:94:
99:8e:54:c4:4c:aa:1e:c1:67:21:d1:8e:36:33:47:
55:da:b1:7a:15:d4:e7:b4:a9:ea:4c:5b:80:4f:5a:
34:da:67:f7:a0:9e:46:fe:c7:05:fa:cc:be:a9:84:
b0:5a:79:f0:14:3c:1a:4d:a1:f3:1a:19:cf:20:45:
12:68:35:89:e7:58:3c:e7:70:2f:14:c9:e2:f1:df:
0b:ff:72:7e:93:17:c8:62:55:1e:c4:ca:45:c8:90:
48:8e:33:f6:43:39:b0:f3:0f:fd:43:0e:c4:af:63:
e4:76:25:e4:10:c2:fb:db:7d:78:86:c5:1a:b3:38:
16:3f:7f:e7:93:27:db:57:eb:12:9c:6d:cb:98:ca:
74:b1:d0:bf:9b:1b:94:f4:1c:64:2c:4a:92:3b:e6:
0f:7d:4f:4b:22:34:01:bb:a5:1d:73:e0:c4:34:88:
d4:44:e6:d1:a1:c3:e0:ba:50:1c:47:8a:34:04:57:
de:3f:1b:5b:55:cd:68:eb:ba:c3:75:75:88:3e:9d:
66:38:20:a3:64:93:66:f8:45:ec:47:48:bf:c3:c6:
80:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:15:C9:23:95:08:3E:9E:2F:A7:89:B2:30:9F:70:D3:C4:E0:43:31
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/KBXJI5UIPp4vp4myMJ9w08TgQzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.71.0/24
89.45.209.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:f6:87:53:b4:70:74:fc:d2:40:75:7e:a2:79:b9:71:06:92:
8f:75:b2:9d:b8:bc:00:8c:65:01:35:3f:46:ba:38:95:4f:90:
83:9e:83:53:30:e2:bb:c8:0b:f5:dc:5a:91:ae:8d:0b:a3:ba:
b0:26:aa:84:95:dd:01:aa:e0:85:a6:89:a2:66:ae:07:75:16:
23:1e:25:83:51:63:64:65:97:78:64:d2:08:84:35:4d:60:3e:
56:c2:56:47:37:8b:61:61:78:10:15:82:8f:d0:b1:b9:9a:44:
03:3a:a2:68:ec:94:f9:0a:4d:79:4e:07:fc:59:e2:72:8f:4c:
24:0a:c8:1b:e3:bb:ab:22:2d:05:09:ec:b9:d9:f5:a0:9c:cb:
a9:f0:13:65:13:1e:d1:75:c5:69:4e:9e:be:ee:44:19:23:30:
8f:04:2f:53:55:74:9d:77:2d:40:45:69:52:b6:6e:b3:bd:9e:
de:76:a6:b2:fa:68:f7:a4:e6:96:e1:48:9b:55:ea:f3:c9:e5:
8d:32:5f:40:2e:8a:c6:1c:c3:ac:55:04:4d:e3:56:60:31:01:
f9:69:ca:27:24:26:5c:bd:85:ea:0d:43:a9:a2:32:c4:18:11:
34:0c:fb:e7:bc:c9:5b:af:93:b2:81:a4:27:42:39:e5:2c:3e:
61:8a:5d:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbhSOtkbhakMqayqXuhITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE1YzkyMzk1MDgzZTllMmZhNzg5YjIzMDlmNzBkM2M0ZTA0MzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUfqU9Y6eDJGq5bRtn0CumZ+K5er
TpUAoaSRyFdiED4Ya628iNk1lKUNqpSZjlTETKoewWch0Y42M0dV2rF6FdTntKnq
TFuAT1o02mf3oJ5G/scF+sy+qYSwWnnwFDwaTaHzGhnPIEUSaDWJ51g853AvFMni
8d8L/3J+kxfIYlUexMpFyJBIjjP2Qzmw8w/9Qw7Er2PkdiXkEML72314hsUaszgW
P3/nkyfbV+sSnG3LmMp0sdC/mxuU9BxkLEqSO+YPfU9LIjQBu6Udc+DENIjURObR
ocPgulAcR4o0BFfePxtbVc1o67rDdXWIPp1mOCCjZJNm+EXsR0i/w8aAgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCgVySOVCD6eL6eJsjCfcNPE4EMxMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvS0JYSkk1VUlQcDR2cDRteU1KOXcwOFRnUXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSpHAwQA
WS3RMA0GCSqGSIb3DQEBCwUAA4IBAQC19odTtHB0/NJAdX6ieblxBpKPdbKduLwA
jGUBNT9GujiVT5CDnoNTMOK7yAv13FqRro0Lo7qwJqqEld0BquCFpomiZq4HdRYj
HiWDUWNkZZd4ZNIIhDVNYD5WwlZHN4thYXgQFYKP0LG5mkQDOqJo7JT5Ck15Tgf8
WeJyj0wkCsgb47urIi0FCey52fWgnMup8BNlEx7RdcVpTp6+7kQZIzCPBC9TVXSd
dy1ARWlStm6zvZ7edqay+mj3pOaW4UibVerzyeWNMl9ALorGHMOsVQRN41ZgMQH5
aconJCZcvYXqDUOpojLEGBE0DPvnvMlbr5OygaQnQjnlLD5hil3V
-----END CERTIFICATE-----
Generated at Tue Sep 10 10:50:59 2024 by rpki-client on console-ams.rpki-client.org